Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/sdCvNPokaq7EYKu4o4GR5tMOMHg.roa
File: sdCvNPokaq7EYKu4o4GR5tMOMHg.roa (raw, json)
Hash identifier: 4SKWZxyvVDPaNw6BhXQmCooPWNjBwhWZV7vgL3LOu78=
Subject key identifier: B1:D0:AF:34:FA:24:6A:AE:C4:60:AB:B8:A3:81:91:E6:D3:0E:30:78
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 1F8C
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/sdCvNPokaq7EYKu4o4GR5tMOMHg.roa
Signing time: Sun 01 Jun 2025 19:08:41 +0000
ROA not before: Sun 01 Jun 2025 19:08:41 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 4812
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8076 (0x1f8c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 1 19:08:41 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=B1D0AF34FA246AAEC460ABB8A38191E6D30E3078
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:04:08:13:1b:bf:e3:2f:6c:c0:f9:ee:5e:d5:
9d:0e:a9:af:1d:04:3b:56:7f:81:f5:b4:8d:09:d7:
ed:ca:63:df:5c:1f:3a:82:1b:bf:44:de:2e:fd:1c:
9c:84:15:3f:30:1e:94:f0:72:b1:3a:bd:36:23:ba:
a0:4e:67:96:0f:22:52:46:2e:26:8c:97:0e:d5:f4:
8a:bf:4f:76:66:05:59:c2:be:91:cf:46:79:d8:43:
14:b6:d3:a1:03:17:e6:5a:fc:57:24:69:40:ca:54:
44:b0:d4:80:10:b0:d6:bd:f1:ef:ac:2a:5c:68:6e:
52:b9:15:e6:84:e8:da:79:0f:55:41:c3:70:16:28:
8f:f0:46:6b:5f:f7:73:4e:58:30:c7:13:80:db:fe:
5c:bd:eb:a0:fa:00:7f:40:03:98:4a:16:13:46:13:
ae:83:52:20:0c:2d:d6:73:6b:d1:96:1d:78:e3:45:
18:74:85:c2:dc:76:51:83:44:58:80:12:3a:07:4d:
97:cf:1a:15:74:f9:e2:84:fc:8a:79:ef:e6:19:c5:
15:5e:27:ba:e7:b6:a9:49:b8:7b:81:cd:5d:c5:26:
2e:97:16:c5:12:85:c6:ee:12:94:6e:9d:bc:2b:03:
d6:60:3e:63:a6:9d:36:a7:c2:3d:ce:77:db:5d:f0:
c2:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:D0:AF:34:FA:24:6A:AE:C4:60:AB:B8:A3:81:91:E6:D3:0E:30:78
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/sdCvNPokaq7EYKu4o4GR5tMOMHg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
24:13:33:6d:95:c2:92:6f:10:99:c5:df:e7:18:81:e3:57:ff:
a6:76:5f:dd:fa:c7:a9:6d:a6:61:a8:6f:e2:2d:2e:a9:b2:54:
1b:31:3f:36:39:3d:08:2d:29:a3:22:da:9e:e3:44:a6:2a:fa:
2e:04:db:58:8d:98:89:96:56:3a:2f:c6:55:f5:b1:aa:bb:82:
64:26:94:5a:f8:f9:29:54:23:7d:96:41:dd:bc:1c:5a:cf:4d:
36:f1:6b:5d:21:10:dc:e1:85:33:28:d8:75:5b:b5:4f:1c:29:
a2:90:75:ff:c1:c2:e5:1d:6c:27:51:da:14:4d:75:43:bf:88:
f4:40:1d:a0:6c:ad:96:ed:1e:e8:86:06:f5:07:08:fd:26:c1:
8f:5f:0f:58:e2:94:c7:7c:3d:0b:e6:25:7d:4a:5d:ae:1e:65:
c7:1c:21:d5:66:7b:3f:04:3f:cd:e3:7b:4b:72:a2:07:37:6d:
06:cc:3d:2a:db:78:37:5e:d7:f6:a7:cd:d6:05:1e:ae:36:03:
07:ab:46:4c:77:3a:8d:87:2e:d6:c8:55:64:a9:ac:0a:16:46:
47:03:4f:eb:35:e4:2c:03:ac:93:fe:89:ee:2e:86:c7:70:c3:
77:41:b3:5c:29:cd:cd:b2:00:9c:d3:59:69:5c:63:f6:36:a0:
ed:d7:93:ad
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICH4wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MDEx
OTA4NDFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEIxRDBBRjM0RkEyNDZB
QUVDNDYwQUJCOEEzODE5MUU2RDMwRTMwNzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDiBAgTG7/jL2zA+e5e1Z0Oqa8dBDtWf4H1tI0J1+3KY99cHzqC
G79E3i79HJyEFT8wHpTwcrE6vTYjuqBOZ5YPIlJGLiaMlw7V9Iq/T3ZmBVnCvpHP
RnnYQxS206EDF+Za/FckaUDKVESw1IAQsNa98e+sKlxoblK5FeaE6Np5D1VBw3AW
KI/wRmtf93NOWDDHE4Db/ly966D6AH9AA5hKFhNGE66DUiAMLdZza9GWHXjjRRh0
hcLcdlGDRFiAEjoHTZfPGhV0+eKE/Ip57+YZxRVeJ7rntqlJuHuBzV3FJi6XFsUS
hcbuEpRunbwrA9ZgPmOmnTanwj3Od9td8MK1AgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUsdCvNPokaq7EYKu4o4GR5tMOMHgwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvc2RDdk5Qb2thcTdF
WUt1NG80R1I1dE1PTUhnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBACQTM22VwpJvEJnF3+cYgeNX/6Z2
X936x6ltpmGob+ItLqmyVBsxPzY5PQgtKaMi2p7jRKYq+i4E21iNmImWVjovxlX1
saq7gmQmlFr4+SlUI32WQd28HFrPTTbxa10hENzhhTMo2HVbtU8cKaKQdf/BwuUd
bCdR2hRNdUO/iPRAHaBsrZbtHuiGBvUHCP0mwY9fD1jilMd8PQvmJX1KXa4eZccc
IdVmez8EP83je0tyogc3bQbMPSrbeDde1/anzdYFHq42AwerRkx3Oo2HLtbIVWSp
rAoWRkcDT+s15CwDrJP+ie4uhsdww3dBs1wpzc2yAJzTWWlcY/Y2oO3Xk60=
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:47:03 2025 by rpki-client